config-scan
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill instructions include shell commands for file discovery and content analysis.
- Evidence: The skill uses
git ls-files | grepand various regex patterns to analyze file content. - Scope: This is restricted to local, read-only operations on the user's repository to identify misconfigured files.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection because it processes untrusted external data (configuration files) to generate security reports.
- Ingestion points: Processes
.env,Dockerfile,docker-compose.yml, Kubernetes YAML manifests, and Terraform (.tf) files. - Boundary markers: None. The skill interprets the content of these files directly using regex patterns.
- Capability inventory: Read local files, execute basic shell commands (
git,grep), and provide evaluative feedback to the user. - Sanitization: No explicit sanitization or instruction-filtering is mentioned for the content being scanned.
- Severity Justification: Classified as LOW (Tier: Internal influence only) because the skill's output primarily influences the agent's reasoning/reporting rather than triggering high-privilege write operations or network exfiltration.
Audit Metadata